Name: Barracuda Spam Firewall 600 (Anti-spam group test)
- Good collection of spam filters.
- Dated interface.
- Well-managed appliance that would be well suited to mail gateway roles.
SC Labs Reviews
Reviews from our expert team
Barracuda’s Spam Firewall is a 1U appliance running Linux and offering SMTP services with a good selection of mail filters to keep the junk mail out.
The web administration interface works well on all browsers, and, although it looks dated compared with the context-laden, tree-view interfaces that dominate management GUIs today, it presents the functions in a clear and concise way.
The inline context help is limited but direct. It does a good job explaining some technical topics.
SMTP sessions seemed very slow in initial handshaking but once connected mail traffic flowed through the system quickly. By default a rate-limit of 15 messages per session is enforced to prevent mailbombing, which may impact gateway environments. However, the configuration is easily changed.
Anti-spam filters include regular expression matching, RBLs and RDNS, and more advanced features such as RFC compliance-checking. The default settings should work for most environments.
Reporting offers some basic graphs, which are sufficient, but enterprise environments might want more. The message log is more detailed – every message is logged with its body intact. In a heavy throughput network that will get out of control fast as there are no controls to enforce log rotation beyond the 250,000 message default.
Flexibility is lacking. Individuals can set whitelists and blacklists but only on addresses, which will limit the use to whitelist functions.
The unit picked up spam easily, but did show a high rate of false positives among newsletters and email sent to large groups. Finding a happy medium by tweaking the spam scoring proved tricky, but not much more than any email administrator should expect from a newly-installed anti-spam solution.
The management interface is normally secured but we were surprised to see password changes being exchanged in plain text. Barracuda tells us that a future version will use https to secure this.